Tuesday 5/26
CIS Safeguard 10.6: Centrally Manage Anti-Malware Software
https://www.gothamtg.com/blog/cis-safeguard-106-centrally-manage-anti-malware-software
How to Prevent Man-in-the-Middle Attacks (HYPR)
Man-in-the-middle attacks are becoming increasingly common and increasingly difficult to prevent. Sophisticated phishing kits are readily available to purchase that include tools to launch man-in-the-middle attacks to steal MFA tokens. Remote workers on unsecured networks present a particularly soft target.
https://www.hypr.com/blog/how-to-prevent-man-in-the-middle-attacks
What’s new in Microsoft Security: May 2026 (Microsoft)
As organizations accelerate AI adoption, security teams are navigating new blind spots created by the broad distribution of agents, data, and identities across different tools and platforms. Microsoft Security’s latest updates extend visibility, control, and protection across your expanding ecosystem, from third-party apps like Claude to your cloud environments and multi-cloud infrastructure.
https://www.microsoft.com/en-us/security/blog/2026/05/21/whats-new-in-microsoft-security-may-2026/
Wednesday 5/27
2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind the AI Transformation (Check Point)
Organizations making progress are shifting toward unified policy models where security rules are defined once and applied consistently across all environments. This hybrid mesh architecture approach – championed by Check Point – enables distributed enforcement without sacrificing consistency.
https://blog.checkpoint.com/securing-the-cloud/2026-cloud-security-report-why-traditional-network-cloud-and-security-architecture-are-lagging-behind-the-ai-transformation/
Better Together: Why Microsoft Intune and ControlUp Are Both Essential for Modern IT (ControlUp)
When you add ControlUp to an Intune environment, you don’t replace anything. You gain a real-time view into the quality of every employee’s digital experience, the ability to remediate issues before they become tickets, and an automation layer that lets your IT team be proactive instead of reactive.
https://www.controlup.com/resources/blog/microsoft-intune-controlup-integration-better-together/
Thursday 5/28
Your Pizza App Password Might Be Your Biggest Security Risk
You're using the same password for your bank, your email, and that pizza rewards app you signed up for in 2019 to save $2 on breadsticks. Those breadsticks may end up being very expensive. Here's why reusing passwords is basically handing a master key to every burglar on the internet and why they don't even have to work hard to use it.
https://www.gothamtg.com/blog/your-pizza-app-password-might-be-your-biggest-security-risk
More CVEs, Same Playbook: 2026 Vulnerability Exploitation in the Wild (Proofpoint)
NIST reported that CVE submissions in Q1 2026 were nearly one-third higher than the same quarter last year, and that the National Vulnerability Database still cannot keep pace with enrichment. The widely-cited driver is AI-assisted vulnerability discovery.
https://www.proofpoint.com/us/blog/threat-insight/more-cves-same-playbook-2026-vulnerability-exploitation-wild
Friday 5/29
Missed our AI-Ready Exposure Management webinar with Axonius? Gotham is offering a complimentary Attack Surface Management Assessment – powered by Axonius – to help give your organization the Asset Intelligence you need to stay ahead of threats, artificial or otherwise.
A huge thanks to Axonius’ Ivan Dwyer and Gotham’s Steven Gold for sharing how a more contextual, automated approach can strengthen exposure management. Contact your Gotham Account Manager, or see the link below, for more details.
https://www.gothamtg.com//pub/itempdf/20260528095350_GothamAttackSurfaceManagementAssessment.pdf
Building Resilience with Multicloud Snapshot Technology (Nutanix)
Organizations are doubling down on achieving continuous, predictable resilience across hybrid, multi-cloud environments. Today, IT leaders face a critical balancing act – organizations eager to adopt AI to solve their business challenges and modernize their architectures, but without compromising on foundational security, reliability and governance objectives.
https://www.nutanix.com/blog/building-resilience-with-multicloud-snapshot-technology
Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet (CrowdStrike)
Glassworm marked a significant shift in the threat landscape that should serve as a wake-up call for every organization that ships or consumes software. Adversaries are no longer just targeting products, they're targeting the developers who build them.
https://www.crowdstrike.com/en-us/blog/inside-crowdstrike-takedown-of-a-developer-targeting-botnet/